WpEvently — Vulnerabilities & Security Advisories 13

All 13 CVE vulnerabilities found in WpEvently, with AI-generated Chinese analysis, references, and POCs.

Vendor: magepeopleteam

CVE ID	Title	CVSS	Severity	Paused
CVE-2026-25361	WordPress WpEvently plugin <= 5.1.4 - Reflected Cross Site Scripting (XSS) vulnerability CWE-79	7.1	High	2026-03-25
CVE-2026-32354	WordPress WpEvently plugin < 5.1.9 - Sensitive Data Exposure vulnerability CWE-201	6.5	-	2026-03-13
CVE-2026-23549	WordPress WpEvently plugin <= 5.1.1 - PHP Object Injection vulnerability CWE-502	9.8^AI	Critical^AI	2026-02-19
CVE-2026-24954	WordPress WpEvently plugin <= 5.0.8 - Deserialization of untrusted data vulnerability CWE-502	9.8^AI	Critical^AI	2026-02-03
CVE-2026-24942	WordPress WpEvently plugin <= 5.1.1 - Cross Site Request Forgery (CSRF) vulnerability CWE-352	8.8^AI	High^AI	2026-02-03
CVE-2025-66082	WordPress WpEvently plugin <= 5.0.4 - Broken Access Control vulnerability CWE-862	5.3	Medium	2025-11-21
CVE-2025-66083	WordPress WpEvently plugin <= 5.0.4 - Broken Access Control vulnerability CWE-862	5.3	Medium	2025-11-21
CVE-2025-54742	WordPress WpEvently Plugin <= 4.4.8 - PHP Object Injection Vulnerability CWE-502	8.8	High	2025-08-28
CVE-2025-54705	WordPress WpEvently plugin <= 4.4.6 - Broken Access Control vulnerability CWE-862	4.3	Medium	2025-08-14
CVE-2025-32145	WordPress WpEvently plugin <= 4.3.6 - PHP Object Injection vulnerability CWE-502	8.8	High	2025-04-10
CVE-2025-30895	WordPress WpEvently Plugin <= 4.2.9 - PHP Object Injection vulnerability CWE-22	7.5	High	2025-03-27
CVE-2025-30887	WordPress WpEvently Plugin <= 4.2.9 - Broken Access Control vulnerability CWE-862	5.3	Medium	2025-03-27
CVE-2024-49703	WordPress WpEvently plugin <= 4.2.5 - Cross Site Scripting (XSS) vulnerability CWE-79	6.5	Medium	2024-10-24

All 13 known CVE vulnerabilities affecting WpEvently with full Chinese analysis, references, and POCs where available.